When authenticating in a gdm (Gnome Display Manager) session, the credentials cache file cannot be created, because /run/user/%{uid}/krb5cc is a dynamically created directory.
So, even if "vas.conf" is changed to "default_ccache_name=FILE/run/user/%{uid}/krb5cc", the ticket cache cannot be created by VAS.Download and install Authentication Services 4.1.0.22363 or higher.
Update vas.conf with the following setting:
# /opt/quest/bin/vastool configure vas libdefaults default_ccache_name 'DIR:/run/user/%{uid}/krb5cc'
This will make QAS use the DIR: credential cache. Other default_cc_name values are not yet supported if QAS needs to create the user's directories.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center